Close Reading of Bitcoin, Part 4
Original text:
Transactions
We define an electronic coin as a chain of digital signatures. Each owner transfers the coin to the next by digitally signing a hash of the previous transaction and the public key of the next owner and adding these to the end of the coin. A payee can verify the signatures to verify the chain of ownership.
(Figure: transaction.png, the chain-of-signatures diagram from the whitepaper)
The problem of course is the payee can't verify that one of the owners did not double-spend the coin. A common solution is to introduce a trusted central authority, or mint, that checks every transaction for double spending. After each transaction, the coin must be returned to the mint to issue a new coin, and only coins issued directly from the mint are trusted not to be double-spent. The problem with this solution is that the fate of the entire money system depends on the company running the mint, with every transaction having to go through them, just like a bank.
We need a way for the payee to know that the previous owners did not sign any earlier transactions. For our purposes, the earliest transaction is the one that counts, so we don't care about later attempts to double-spend. The only way to confirm the absence of a transaction is to be aware of all transactions. In the mint based model, the mint was aware of all transactions and decided which arrived first. To accomplish this without a trusted party, transactions must be publicly announced [1], and we need a system for participants to agree on a single history of the order in which they were received. The payee needs proof that at the time of each transaction, the majority of nodes agreed it was the first received.
Translation:
We define an electronic coin as a chain of digital signatures. Each owner passes the coin to the next person by digitally signing a hash of the previous transaction together with the public key of the next owner, and appending these to the end of the coin. The recipient of the coin can verify the digital signatures to verify the chain of ownership.
The problem is that the recipient cannot verify that the earlier owners did not "double-spend" the coin. The usual solution is to introduce a trusted central authority, or mint, which checks every transaction for double spending. After each transaction the coin must be returned to the mint, which issues a new coin, and only coins issued directly by the mint are trusted not to have been double-spent. The problem with this solution is that the fate of the whole money system depends entirely on the company operating the mint: every transaction still has to go through it, and the mint is just like a bank.
We need a way for the recipient to know that the coin's owners did not sign any earlier transactions. For our purposes, it is the earliest transaction that counts; we do not care whether later transactions are "double spends". The only way to confirm whether a transaction exists is to know about all transactions. In the mint model, the mint knew about all transactions and decided their order. To achieve the same goal without a trusted third party, transactions must be announced publicly, and we need a system that lets all participants agree on a single history of the transactions they received. The recipient needs proof that, at the time of each transaction, the majority of nodes agreed that it was the first one received.
Notes on the transaction diagram (the figure above):
Take the middle box, Transaction 2, as an example.
1. Owner 1 signs Transaction 2 with their own private key (Owner 1's signature), hashing Transaction 1 from the previous box together with Owner 2 in Transaction 2; the result is Owner 2's receiving address.
2. Owner 2 verifies the transaction with the public key received from Owner 1.
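The chain of signatures described above, as an added example in Go (not code from the whitepaper or from this post): the mint issues a coin, Owner 1 signs it over to Owner 2, and the payee's check walks the chain from the mint's key onward. Ed25519 stands in for Bitcoin's ECDSA signatures, and the names Tx, Transfer, VerifyChain, NewKey and Pub are this example's own. It also shows the limit the text describes: Owner 1 can sign the same coin over to Owner 3, and both chains verify, while any alteration of a link does break the signature.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Tx is one link of the coin: the current owner signs H(previous tx, next owner's public key).
type Tx struct {
	PrevTxHash []byte            // hash of the previous transaction (nil for the first link)
	NextOwner  ed25519.PublicKey // the owner this link hands the coin to
	Sig        []byte            // current owner's signature over Digest()
}
// Digest is what the current owner signs: SHA-256 over the previous tx hash and the next owner's key.
func (t *Tx) Digest() []byte {
	h := sha256.Sum256(append(append([]byte{}, t.PrevTxHash...), t.NextOwner...))
	return h[:]
}
func (t *Tx) Hash() []byte { h := sha256.Sum256(append(t.Digest(), t.Sig...)); return h[:] } // link id the next link commits to
// Transfer creates the link in which from (the current owner) signs the coin over to the key to.
func Transfer(prevHash []byte, from ed25519.PrivateKey, to ed25519.PublicKey) *Tx {
	t := &Tx{PrevTxHash: prevHash, NextOwner: to}
	t.Sig = ed25519.Sign(from, t.Digest())
	return t
}
// VerifyChain is the payee's check: each link must commit to the previous link's hash and carry a valid signature from the owner the previous link named (the mint for the first link). It cannot detect a double spend.
func VerifyChain(chain []*Tx, mint ed25519.PublicKey) bool {
	owner, prevHash := mint, []byte(nil)
	for _, t := range chain {
		if len(owner) != ed25519.PublicKeySize || string(t.PrevTxHash) != string(prevHash) || !ed25519.Verify(owner, t.Digest(), t.Sig) {
			return false
		}
		owner, prevHash = t.NextOwner, t.Hash()
	}
	return true
}
func NewKey() ed25519.PrivateKey { _, k, _ := ed25519.GenerateKey(rand.Reader); return k } // constructed demo keys
func Pub(k ed25519.PrivateKey) ed25519.PublicKey { return k.Public().(ed25519.PublicKey) }

func main() {
	mint, o1, o2, o3 := NewKey(), NewKey(), NewKey(), NewKey()
	tx1 := Transfer(nil, mint, Pub(o1))       // the mint issues the coin to owner 1
	tx2 := Transfer(tx1.Hash(), o1, Pub(o2))  // owner 1 pays owner 2
	tx2b := Transfer(tx1.Hash(), o1, Pub(o3)) // owner 1 spends the same coin again, paying owner 3
	fmt.Println(VerifyChain([]*Tx{tx1, tx2}, Pub(mint)), VerifyChain([]*Tx{tx1, tx2b}, Pub(mint))) // true true
	tx2.NextOwner = Pub(o3)                   // altering a link breaks owner 1's signature
	fmt.Println(VerifyChain([]*Tx{tx1, tx2}, Pub(mint))) // false
}
```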
Homework:
In your own line of work, are there also places where a trust problem exists? Do you think introducing a hash encryption algorithm could solve part of the problem? If so, how would you go about it? Describe the specific scenario, the specific problem, and why a hash encryption algorithm can solve it.
Scenario 1:
One scenario in our work where a hash encryption algorithm is already in use: a hash algorithm can be used to verify the consistency of a file or message.
Before our game is officially released there are many versions. Although the developers label every version with a version number, in day-to-day work the wrong version still gets picked up, especially when files pass through many hands (besides the development team and the test team there are other teams as well). Each official release comes with a file listing that version's SHA1 and MD5 (which, like SHA256, are encryption algorithms). The test team compares the SHA1 value of the version they received against the SHA1 value given for that version to confirm that the file really is the latest version we need, rather than an old version picked up by mistake.
Quoted passage:
Verifying the integrity of files or messages
Main article: File verification
An important application of secure hashes is verification of message integrity. Determining whether any changes have been made to a message (or a file), for example, can be accomplished by comparing message digests calculated before, and after, transmission (or any other event).
For this reason, most digital signature algorithms only confirm the authenticity of a hashed digest of the message to be "signed". Verifying the authenticity of a hashed digest of the message is considered proof that the message itself is authentic.
MD5, SHA1, or SHA2 hashes are sometimes posted along with files on websites or forums to allow verification of integrity.[6] This practice establishes a chain of trust so long as the hashes are posted on a site authenticated by HTTPS.
Source: https://en.wikipedia.org/wiki/Cryptographic_hash_function#Verifying_the_integrity_of_files_or_messages
Scenario 2:
A hash algorithm turns information of any length into a fixed-length combination of digits and letters. That combination has no meaning on its own. Combining a hash algorithm with the encryption and decryption of cryptography both ensures that the information being passed cannot be recognised in transit and achieves secure sending and receiving.
Some time ago a young colleague emailed one of the company's algorithm documents to a former classmate; the IT department's scanning picked it up, and he was dismissed outright. Leaving aside the colleague's sense of confidentiality, consider only the fact that "the email content was scanned by the IT department". That amounts to the transmission between sender and recipient being monitored. In such a situation, a hash encryption algorithm can be used to encrypt the transmitted content: the sender encrypts the content with the recipient's public key and sends it, and the recipient decrypts it with their private key. Even if the email content is scanned in transit, it cannot be reversed and cracked, so the content is not leaked, and the sender would not be dismissed over the potential risk of a leak. Of course, if that did happen, the company's information security would face an enormous challenge.